Discover the best authorization flow for seamlessly integrating your desktop application with Salesforce to create leads and streamline your marketing campaigns.
Table of Contents
Question
Universal Containers (UC) has a desktop application to collect leads for marketing campaigns. UC wants to extend this application to integrate with Salesforce to create leads. Integration between the desktop application and Salesforce should be seamless.
What Authorization flow should the Architect recommend?
A. JWT Bearer Token Flow
B. Username and Password Flow
C. User Agent Flow
D. Web Server Authentication Flow
Answer
C. User Agent Flow
Explanation
The Web Server Authentication Flow is the most suitable authorization flow for Universal Containers to integrate their desktop application with Salesforce for creating leads seamlessly. This flow is designed for server-side applications that can securely store client secrets and handle the authentication process.
In the Web Server Authentication Flow, the desktop application redirects the user to the Salesforce login page, where they enter their credentials. Upon successful authentication, Salesforce redirects the user back to the application with an authorization code. The application then exchanges this code for an access token and a refresh token, which are used to make API calls to Salesforce on behalf of the user.
This flow provides a secure and seamless integration by leveraging the OAuth 2.0 protocol. It allows the desktop application to obtain the necessary tokens without directly handling the user’s credentials, ensuring a higher level of security. Additionally, the refresh token enables the application to obtain new access tokens when needed, without requiring the user to re-authenticate.
Other authorization flows mentioned in the options are less suitable for this scenario:
- JWT Bearer Token Flow is typically used for server-to-server integration and requires a certificate for signing JWT tokens.
- Username and Password Flow is not recommended as it involves directly handling user credentials within the application.
- User Agent Flow is primarily used for client-side applications running in a web browser, not for desktop applications.
Therefore, the Web Server Authentication Flow is the most appropriate choice for Universal Containers to achieve a secure and seamless integration between their desktop application and Salesforce for lead creation.
Salesforce Certified Identity and Access Management Designer certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Salesforce Certified Identity and Access Management Designer exam and earn Salesforce Certified Identity and Access Management Designer certification.